+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 21 of 21
*nix Thread, Automount SMB share in Technical; Some comments: Code: apt-get install joe Ubuntu installs nano by default. Install and configure ntpdate to keep the time in ...
  1. #16

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,804
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Automount SMB share

    Some comments:

    Code:
    apt-get install joe
    Ubuntu installs nano by default.

    Install and configure ntpdate to keep the time in sync with Active Directory servers
    Like I said in previous threads, I prefer to use ntpd. ntpdate only runs at machine startup. If the machine is on for any length of time with a wobbly hardware clock it'll slowly drift out of the 5 minute window and kerberos will break.

    this is only really necessary using kerberos, which this method does not, but it's nice to be time-synced.
    Kerberos is required for the correction functioning of winbind and samba in a AD enviroment (security = ADS in smb.conf).

    Code:
    apt-get install krb5-user
    rm /etc/krb.conf
    Code:
    password server = AD-server-IP-goes-here
    You can leave this out and Samba will go and find the nearest DC based on DNS.

    Code:
    hosts:          files dns mdns
    If you add 'wins' here you can also allow the machine to do netbios name resolution. Although you shouldn't need to do this in an AD enviroment (because everything should be registered in DNS) sometimes the odd legacy client that you have to talk to isn't (found this out talking to print servers!).

    Code:
    options_require nosuid,nodev
    Also consider noexec, this'll stop the little blighters running Linux executables from their home folders.

  2. #17


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339

    Re: Automount SMB share

    this is only really necessary using kerberos, which this method does not, but it's nice to be time-synced.

    Kerberos is required for the correction functioning of winbind and samba in a AD enviroment (security = ADS in smb.conf).
    Interesting, this has been my biggest headache, what the krb5 is doing- my krb5.conf works fine but since I had no krb5 in the pam config I thought I'd test - I removed /etc/krb5.conf and nothing seemed to change - homedirectories are mounted and users login without a functioning kerberos. Do you happen to know which parts of samba ads mode require this? or should I just enable for good measure? I get the impession kerberos/LDAP are indepandant from winbindd

  3. #18

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,804
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Automount SMB share

    If you have no kerberos installed, you cannot get a kerberos ticket. If you have no kerberos ticket authentication fails (Winbind fails at this point). If authentication fails you cannot do LDAP lookups (Samba fails here).

  4. #19

    Join Date
    Oct 2008
    Posts
    94
    Thank Post
    8
    Thanked 16 Times in 10 Posts
    Rep Power
    27

    Unhappy guide for automounting AD home folders under jaunty?

    Hi!

    I've tried just about every guide on the net on how to get automounting of folders after a GDM login to work but I've had no luck yet and CyberNerds guide is no exception although I realise he wrote it for 'buntu 6.06 and I'm trying to get it to work under 9.04 which will have much more recent versions of samba etc. of course, no doubt with all-new config file formats and options etc.

    I didn't follow the guide to the letter as I joined to the domain with openlikewise first (which works fine) and I also ignored his ntp instructions in favour of setting up openntpd as was recommended in the comments that followed the guide. All went went until I got up to:

    root@ohgs-desktop:/etc/samba# wbinfo -u
    Error looking up domain users
    root@ohgs-desktop:/etc/samba# wbinfo -g
    Error looking up domain groups

    So at that point I gave up as I presumed samba wasn't setup properly despite the fact that the net command supposedly did join me to the domain correctly but maybe this is conflicting with openlikewise??

    So, does anyone know of a complete, up-to-date AND easy to follow guide to adding a 9.04/GDM box to a w2k3 AD domain and have it so that users network home folders get automounted? Also, is there any reason I can't or shouldn't auto mount the network drives to /home/$username instead of /home/$domain/$username as most guides seem to do?

    Thanks!

  5. #20


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    A blast from the past...
    This is how we setup our samba fileservers, on RHEL5. should be similar for ubuntu:

    http://www.edugeek.net/wiki/index.ph..._Homedirectory

  6. #21

    Join Date
    Oct 2008
    Posts
    94
    Thank Post
    8
    Thanked 16 Times in 10 Posts
    Rep Power
    27

    YaST domain membership and gdm issues

    I gave up on trying to set this up manually under Jaunty and I'm now working on getting this going using suse's Windows Domain Membership config tool (under Yast)- opensuse seems to be the only distro attempting to make this process relatively easy but its still far from click n' connect, there are a number of tweaks to perform before you can run the domain membership tool.

    I've now got Yast to configure suse as far as using openlikewise took me under 'buntu in that I can now log in using an AD members credentials and I know that I'm very close to having Yast set up automounting of the users home folders but its just not quite working yet. I can feel quite confident in saying that (unbelievably) no-one seems to have wrote an idiots guide to setting this whole thing up using yast and I believe this is why Linux isn't seeing more use in our schools and in other organisations as this functionality is a basic requirement for acceptance/ integration into the majority of our still mostly Windows dominated networks.

    Once we have this process nailed I'm going to write an idiots guide to doing this that anyone with basic Linux skills and enough knowledge to add a windows machine to an AD domain will be able to easily follow that can go on the opensuse and edugeek wikis. Sound good to you? Here's a summary of my current status which I posted to the opensuse forums yesterday but which I've had no response to yet:

    ----------------------------------

    I'm testing out opensuse's (11.1 i686 GNOME) AD integration features as I'd like to have Linux used in our school outside of the server room but I need a fully-working prototype before that can happen. After a significant bit of wrestling with Yast and various config files I now have AD login/ authentication working but I've been unable to get AD users home folders to auto-mount correctly.

    Under Yast/ Windows Domain Membership/ Expert settings I have left the UID/GID and WINS options at their default values as I don't think they're relevant to what I'm trying to do but I added an entry to the 'Mount Server Directories' list with these values:

    ----------------

    Server Name: server (I'm presuming I could put any name in here or must it match the DC's DNS/ realm name?)

    Remote Path: //192.168.0.3/student/%(DOMAIN_USER)

    Mount Point: /home/SERVER/%(DOMAIN_USER)

    Options: user=%(DOMAIN_USER) (The default)

    User Name: (Left Blank as I want home folder mounted for all users that log in, right?)

    ----------------

    I have noticed that even if I uncheck 'Create Home Directory on Login' a home folder gets created under /home/SERVER/%username anyway and so thats why I have used '/home/SERVER/%(DOMAIN_USER)' for the mount point even though I'd rather just use /home/%username as the local mount point. Can I do that instead?

    If I log in as an AD domain user then I open nautilus and go to 'smb://192.168.0.3/student/' I can see all the home folders and I know pam is mostly working as I can access files with my users home folder but not other users but this folder isn't being auto-mounted under /home/SERVER/%(DOMAIN_USER). Any ideas?

    Finally, after having added the suse box to the domain I get an extra drop-down on the gdm login screen that lets me choose if I want to log in locally or to the AD domain. However, it doesn't matter whether I choose local login or domain login from this menu as I still have to login like 'server\user' for the username. I would like it if users had no need to prefix their user name with the domain name when logging in at all or at least no need to do so when they choose the domain from the menu. Can this be done?

    Thanks!

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. Automount Issues
    By richard in forum *nix
    Replies: 0
    Last Post: 21st November 2007, 07:44 AM
  2. I've just got to share this...
    By tech_guy in forum General Chat
    Replies: 30
    Last Post: 26th August 2007, 06:23 PM
  3. Samba share
    By apeo in forum *nix
    Replies: 17
    Last Post: 16th July 2007, 12:21 PM
  4. Map XP Share to Win 98
    By thom in forum Wireless Networks
    Replies: 7
    Last Post: 6th December 2006, 09:20 AM
  5. Share Permissions
    By wesleyw in forum Windows
    Replies: 6
    Last Post: 30th August 2006, 09:37 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •